Hi
First of all thanks to
- Joe Mears
- Dieter Lempen & co
- Ray
- Nuclear Cowboy
- Micha Borrmann
and all the others for the valuable input.
Solution Summary:
- It looks like most had this problems and that there is no
solution in R54 if DCE-RPC is used over tcp/135. There is
no way to disable that Application INTELLIGENCE feature!
- In R55 there is a special tab to disable DCE-RPC and there
are several more variables which can be set in dcerpc.def
and maybe the AI is even working, but it seems that most
just disabled it!
- It is unclear if it is enough to upgrade the management
server or you have to upgrade the nodes as well.
- Once again Checkpoint hold back information!
See:
http://www.checkpoint.com/securitycenter/advisories/2003/cpai-2003-11.html
(not a single word is mentioning that it just doesn't work with R54)
or in the RN55:
"411-8 : Resolved issue where DCERPC data packets were dropped."
Feedback to Checkpoint: "Please release the information at least to
the
ones who are paying the software subscription! You should take a look
at the Stonesoft guys!"
Regards
Philipp
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
